802.1X Authenticated Wired Access

Updated: February 12, 2010

Applies To: Windows Server 2008, Windows Vista

Windows Server® 2008 provides features that you can use to deploy Institute of Electrical and Electronic Engineers (IEEE) 802.1X authenticated wired service for IEEE 802.3 Ethernet network clients. In combination with the 802.1X-capable Ethernet switches and other Windows Server 2008 services that you deploy on your network, you can use these Windows Server 2008 features to control who can access your network.

You can also use features in Windows Server 2008 to define the local area network (LAN) adapter connectivity and security settings that your clients use for connection attempts. For example, Network Policy Server (NPS) allows you to create and enforce network access policies for authentication, and authorization, and client health. The Wired Network (IEEE 802.3) Policies in Windows Server 2008 Group Policy enable you to configure your network client computers with the security and connectivity settings that they must use to connect to your network.

After you install Network Policy Server, product Help is available when you open the Network Policy Server Microsoft Management Console (MMC) and press F1. NPS product Help pertaining to 802.1X authenticated wired access configuration is dispersed throughout the NPS product Help, and logically linked in the topic “Checklist: Configure NPS for 802.1X Authenticating Switch Access;” the main body of which resides in the section titled “Client Computer Configuration.”

The 802.1X Authenticated Wired Access Design Guide can help you plan and design a new end-to-end 802.1X authenticated deployment for Ethernet networks, using features in Windows Server 2008 and 802.1X-capable wired switches that you deploy on your network. This design guide:

The 802.1X Wired Access Deployment Guide provides information about how to deploy IEEE 802.1X authenticated wired Ethernet network access. The guide contains information about how to configure network policies in NPS to authenticate and authorize clients to connect to your LAN. NPS is the Windows Server 2008 implementation of Remote Authentication Dial-in User Service (RADIUS). In the addition, this guide provides deployment information about how to configure:

The Netsh commands for wired local area network (LAN) provide methods to configure connectivity and security settings for computers running Windows Vista® and Windows Server 2008. You can use the Netsh LAN commands to configure the local computer or to configure multiple computers by using a logon script. You can also use the netsh LAN commands to view wired 802.1X Group Policy and to administer user wired 802.1X settings.